We've got our keys, but we need to let SSH know which hosts we want to use what keys with. We'll need to edit the user config file for ssh, located in '~/.ssh/config' (If this file doesn't already exist, go ahead and create it there).

+

We've got our keys, but we need to let SSH know which hosts we want to use what keys with. We'll need to edit the user config file for ssh, located in '~/.ssh/config' (If this file doesn't already exist, go ahead and create it there)

+

+

We'll need to add these lines:

+

<pre>

+

Host pony | pony.local

+

Hostname pony.noisebridge.net

+

ForwardAgent no

+

ForwardX11 no

+

IdentityFile ~/.ssh/pony.pub

+

</pre>

+

This defines a new hostname for ssh, sets some options for our security (no forwarding) and links this host to the key we generated.

==Configuring Pony==

==Configuring Pony==

You'll need some help for this next part, specifically someone listed on [[pony|pony's]] sudo list.

You'll need some help for this next part, specifically someone listed on [[pony|pony's]] sudo list.

Some guy does some stuff for you

Some guy does some stuff for you

Revision as of 15:09, 7 December 2010

Generating Keys

The command:

ssh-kegen -t dsa

will generate a DSA key pair that we can use to authenticate ourselves.

After pressing enter you'll be asked for a file location, with a default name of id_dsa located in your ~/.ssh/ directory. It's a good idea to give it a useful name (for our purpose, 'pony' will do). You'll also be asked for an optional pass phrase for the key. You can skip this by pressing enter if you like.

You'll now have two files, 'pony' and 'pony.pub' in your ~/.ssh/ directory:

Notice that 'pony.pub' is world readable, but the (private) pony key is only readable by you, the owner. Feel free to write your public key down on your wiki user page, your tax returns or your favorite bathroom stall.

Configuring Your SSH

We've got our keys, but we need to let SSH know which hosts we want to use what keys with. We'll need to edit the user config file for ssh, located in '~/.ssh/config' (If this file doesn't already exist, go ahead and create it there)